Tag Archives: windows

Post navigation

But there are worse offenders. Microsoft’s service agreement is a monstrous 12,000 words in length, about the size of a novella. And who reads those, right? Well, here’s one excerpt from Microsoft’s terms of use that you might want to read:

We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to.

Ok, maybe not…but its very likely that if you are reading this and find yourself needing to SSH here and there, you also use GIT. Well many are unaware that git for windows bundles several Linux familiar tools. Many might use these in the git bash shell.

That means that when Microsoft showed Windows 10 overtaking Windows 7, this apparently happened in August last year. Most other analysts don’t see that seismic shift happening globally until December 2017, at the earliest.

Microsoft does not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user’s device. If we determine that sensitive information has been inadvertently received, we delete the information.

If you do not want to wait for Anniversary Update (which will be released in July 2016) or if Active Hours is not a solution for you, you can permanently stop Windows 10 reboots after updates are installed if you follow the steps below.

Just bought a refurbished I7 machine with Windows 10 Home edition to use for gaming and run VMs via Virtual Box. The VMs need to be up 24/7 if they are an active unit. This box has a lot of RAM so it can run many VMs. Microsoft brought them all down last night with an update then reboot. This is totally unacceptable. Most of the solutions on the web using gpedit.msc or regedit do not work on Windows Home since we are the lowest OS on the MS totem pole.

The procedure in the above website worked for Windows 10 Home. Now I just have to wait a week or so to see if it really stops the auto reboot. I don’t mind having to queue up updates that require reboot. VMs need to be shutdown gracefully. Many people use their computers for doing things other than consuming mass media.

The tactics Microsoft employed to get users of earlier versions of Windows to upgrade to Windows 10 went from annoying to downright malicious. Some highlights: Microsoft installed an app in users’ system trays advertising the free upgrade to Windows 10. The app couldn’t be easily hidden or removed, but some enterprising users figured out a way. Then, the company kept changing the app and bundling it into various security patches, creating a cat-and-mouse game to uninstall it.

And while users can disable some of these settings, it is not a guarantee that your computer will stop talking to Microsoft’s servers. A significant issue is the telemetry data the company receives. While Microsoft insists that it aggregates and anonymizes this data, it hasn’t explained just how it does so.

WPAD is a protocol, developed in 1999 by people from Microsoft and other technology companies, that allows computers to automatically discover which web proxy they should use. The proxy is defined in a JavaScript file called a proxy auto-config (PAC) file.

The location of PAC files can be discovered through WPAD in several ways: through a special Dynamic Host Configuration Protocol (DHCP) option, through local Domain Name System (DNS) lookups, or through Link-Local Multicast Name Resolution (LLMNR).

The researchers recommended computer users disable the protocol. “No seriously, turn off WPAD!” one of their presentation slides said. “If you still need to use PAC files, turn off WPAD and configure an explicit URL for your PAC script; and serve it over HTTPS or from a local file.”

To prevent Windows from tracking which network support WPAD, you need to make a simple registry change:

Click the Start button, and in the search field, type in “regedit”, then select “regedit.exe” from the list of results
Navigate through the tree to “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad”
Once you have the “Wpad” folder selected, right click in the right pane, and click on “New -> DWORD (32-Bit Value)”
Name this new value “WpadOverride”
Double click the new “WpadOverride” value to edit it
In the “Value data” field, replace the “0” with a “1”, then click “OK”
Reboot the computer

Basically, the default User Authentification Settings of Edge/Spartan (also Internet Explorer, Outlook) lets the browser connect to local network shares, but erroneously fail to block connections to remote shares. To exploit this, an attacker would simply set up a network share. An embedded image link that points to that network share is then sent to the victim, for example as part of an email or website. As soon as the prepped content is viewed inside a Microsoft product such as Edge/Spartan, Internet Explorer or Outlook, that software will try to connect to that share in order to download the image. Doing so, it will silently send the user’s Windows login username in plaintext along with the NTLMv2 hash of the login password to the attacker’s network share.

Anti-Beacon is small, simple to use, and is provided free of charge. It was created to address the privacy concerns of users of Windows 10 who do not wish to have information about their PC usage sent to Microsoft. Simply clicking “Immunize” on the main screen of Anti-Beacon will immediately disable any known tracking features included by Microsoft in the operating system.

Post navigation

Archives

Archives

Links

The links below show sites for products I use or provide information and/or knowledge I find useful and you may too. There are no paid advertisements on this site and no google (or anyone else's) analytic user tracking.